Frank Crast, Author at Securezoo

Cisco patches Critical Cisco Expressway Series and Cisco TelePresence Video Communication Server vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 7, 2022 / Cisco, CVE-2022-20812, CVE-2022-20813, TelePresence

Cisco has released a Critical severity security advisory for Cisco Expressway Series and Cisco TelePresence Video Communication Server vulnerabilities (CVE-2022-20812 and CVE-2022-20813).

Cisco patches Critical Cisco Expressway Series and Cisco TelePresence Video Communication Server vulnerabilities Read More »

Maui ransomware targets entities in the Healthcare and Public Health sector

Cybersecurity Attacks, Malware / Frank Crast / July 6, 2022 / CISA, Cybersecurity Threat Center, FBI, Health, healthcare, HPH, Maui, Public Health, Treasury

Cybersecurity experts warn North Korean State-Sponsored threat actors are using Maui ransomware to target entities in the Healthcare and Public Health (HPH) sector.

Maui ransomware targets entities in the Healthcare and Public Health sector Read More »

MedusaLocker ransomware threat

Cybersecurity Attacks, Malware / Frank Crast / July 6, 2022 / MedusaLocker, Ransomware

Threat actors are exploiting primarily Remote Desktop Protocol (RDP) vulnerabilities on victim computers to deploy MedusaLocker ransomware.

MedusaLocker ransomware threat Read More »

Google releases Chrome 103 security update with fix for zero-day vulnerability (CVE-2022-2294) exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 6, 2022 / Chrome, Chrome103, CVE-2022-2294, CVE-2022-2295, CVE-2022-2296, Cybersecurity Threat Center, WebRTC, Zero-day

Google has released Chrome 103.0.5060.114 for Windows with fixes for multiple vulnerabilities, to include one High severity zero-day (CVE-2022-2294) exploited in the wild.

Google releases Chrome 103 security update with fix for zero-day vulnerability (CVE-2022-2294) exploited in the wild Read More »

OpenSSL patches High risk RSA private key operation vulnerability (CVE-2022-2274)

Cryptography, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 6, 2022 / CVE-2022-2274, Cybersecurity Threat Center, OpenSSL, RSA

OpenSSL has patched one High risk heap memory corruption with RSA private key operation (CVE-2022-2274) in certain OpenSSL versions.

OpenSSL patches High risk RSA private key operation vulnerability (CVE-2022-2274) Read More »

Django fixes High severity SQL injection vulnerability (CVE-2022-34265)

Application Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 4, 2022 / CVE-2022-34265, Django, SQL injection

Django has released a security fix for a High severity SQL injection vulnerability (CVE-2022-34265) in Django 4.0.6 and 3.2.14.

Django fixes High severity SQL injection vulnerability (CVE-2022-34265) Read More »

Toll fraud Android malware is major threat to steal your money

Malware, Mobile Security / Frank Crast / July 4, 2022 / Android, Cybersecurity Threat Center, Google Play Store, malware, Microsoft, mobile, toll fraud

Researchers from Microsoft warn that toll fraud Android malware has been one of the most prevalent malware downloaded from the Google Play Store since 2017 and is a major threat to steal your money.

Toll fraud Android malware is major threat to steal your money Read More »

CISA adds Windows LSA Spoofing Vulnerability (CVE-2022-26925) to Known Exploited Vulnerabilities Catalog

Vulnerabilities & Exploits / Frank Crast / July 4, 2022 / CISA, CVE-2022-26925, Known Exploited Vulnerabilities Catalog, LSARPC, Microsoft

The Cybersecurity and Infrastructure Security Agency (CISA) has added a former zero-day Windows LSA Spoofing Vulnerability (CVE-2022-26925) to its Known Exploited Vulnerabilities Catalog.

CISA adds Windows LSA Spoofing Vulnerability (CVE-2022-26925) to Known Exploited Vulnerabilities Catalog Read More »

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include PwnKit)

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / June 30, 2022 / Chromium, CISA, CVE-2018-4344, CVE-2019-8605, CVE-2020-3837, CVE-2020-9907, CVE-2021-30983, Linux, pkexec, polkit, PwnKit

The Cybersecurity and Infrastructure Security Agency (CISA) has added eight vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, Mitel, Google Chromium, and the RedHat “PwnKit” vulnerability (CVE-2021-4034) in Polkit’s pkexec tool.

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include PwnKit) Read More »

Mozilla releases Firefox 102 with fixes for 4 High severity vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / June 30, 2022 / CVE-2022-34468, CVE-2022-34470, CVE-2022-34479, CVE-2022-34484, Firefox, Firefox102

The Mozilla Foundation has patched four High risk vulnerabilities in Firefox 102, as well as a number of other bug fixes.

Mozilla releases Firefox 102 with fixes for 4 High severity vulnerabilities Read More »